• DPKI: Addressing the Disadvantages of Centralized PKI by Means of Blockchain



      Digital certificates are one of the most commonly known auxiliary tools that help protect data across public networks. However, the key disadvantage of this technology is also commonly known: users are forced to implicitly trust certification authorities which issue digital certificates. Andrey Chmora, Technology and Innovations Director at ENCRY, suggested a new approach for building a Public Key Infrastructure (PKI) to eliminate the existing disadvantages using the distributed ledger (blockchain) technology.
      Let's begin with the basics.
      Read more →
    • Lessons learned from testing Over 200,000 lines of Infrastructure Code


        IaC (Infrastructure as Code) is a modern approach and I believe that infrastructure is code. It means that we should use the same philosophy for infrastructure as for software development. If we are talking that infrastructure is code, then we should reuse practices from development for infrastructure, i.e. unit testing, pair programming, code review. Please, keep in mind this idea while reading the article.


        Russian Version

        Read more →
      • Configuration of the Warnings Next Generation plugin for integration with PVS-Studio

          Picture 4


          The PVS-Studio 7.04 release coincided with the release of the Warnings Next Generation 6.0.0 plugin for Jenkins. Right in this release Warnings NG Plugin added support of the PVS-Studio static code analyzer. This plugin visualizes data related to compiler warnings or other analysis tools in Jenkins. This article will cover in detail how to install and configure this plugin to use it with PVS-Studio, and will describe most of its features.
          Read more →
        • Bypassing LinkedIn Search Limit by Playing With API

          • Translation
          [Because my extension got a lot of attention from the foreign audience, I translated my original article into English].

          Limit


          Being a top-rated professional network, LinkedIn, unfortunately, for free accounts, has such a limitation as Commercial Use Limit (CUL). Most likely, you, same as me until recently, have never encountered and never heard about this thing.

          image

          The point of the CUL is that when you search people outside your connections/network too often, your search results will be limited with only 3 profiles showing instead of 1000 (100 pages with 10 profiles per page by default). How ‘often’ is measured nobody knows, there are no precise metrics; the algorithm decides it based on your actions – how frequently you’ve been searching and how many connections you’ve been adding. The free CUL resets at midnight PST on the 1st of each calendar month, and you get your 1000 search results again, for who knows how long. Of course, Premium accounts have no such limit in place.

          However, not so long ago, I’ve started messing around with LinkedIn search for some pet-project, and suddenly got stuck with this CUL. Obviously, I didn’t like it that much; after all, I haven’t been using the search for any commercial purposes. So, my first thought was to explore this limit and try to bypass it.

          [Important clarification — all source materials in this article are presented solely for informational and educational purposes. The author doesn't encourage their use for commercial purposes.]
          Read more →
        • How we created IoT system for managing solar energy usage

            If you have no idea about the development architecture and mechanical/electrical design behind IoT solutions, they could seem like "having seemingly supernatural qualities or powers". For example, if you show a working IoT system to 18th century people, they'd think it's magic.This article is sort of busting such myth. Or, to put it more technically, about hints for fine-tuning the IoT development for an awesome project in solar energy management area.

            Read more →
          • 2019 National Internet Segments Reliability Research & Report



              This report explains how the outage of a single AS can affect the connectivity of the impacted region with the rest of the world, especially when it is the dominant ISP on the market. Internet connectivity at the network level is driven by interaction between autonomous systems (AS’s). As the number of alternate routes between AS’s increases, so goes the fault-resistance and stability of the internet across the network. Although some paths inevitably become more important than others, establishing as many alternate routes as possible is the only viable way to ensure an adequately robust system.

              The global connectivity of any AS, regardless of whether it is a minor provider or an international giant, depends on the quantity and quality of its paths to Tier-1 ISPs. Usually, Tier-1 implies an international company offering global IP transit service over connections to other Tier-1 providers. But there is no guarantee that such connectivity will be maintained. Only the market can motivate them to peer with other Tier-1’s to deliver the highest quality service. Is that enough? We explore this question in the IPv6 section below. For many ISPs at all levels, losing connection to just one Tier-1 peer would likely render them unreachable in some parts of the world.

              Measuring Internet Reliability


              Let’s examine a case where an AS experiences significant network degradation. We want to answer the following question: “How many AS’s in the region would lose connectivity with Tier-1 operators and their global availability along with it?”
              Read more →
            • AdBlock has stolen the banner, but banners are not teeth — they will be back

              More
              Ads
            • PVS-Studio 7.04

                Picture 4

                Summer is not only a holiday season, but also time of fruitful work. Sunny days are so inspiring that there's enough energy both for late walks and large code commits. The second summer PVS-Studio 7.04 release turned out to be quite large, so we suggest for your attention this press release, in which we'll tell you about everything.
                Read more →
              • Analysis of the Apache Dubbo RPC Framework by the PVS-Studio Static Code Analyzer

                  Picture 2

                  Apache Dubbo is one of the most popular Java projects on GitHub. It's not surprising. It was created 8 years ago and is widely applied as a high-performance RPC environment. Of course, most of the bugs in its code have long been fixed and the quality of the code is maintained at a high level. However, there is no reason to opt out of checking such an interesting project using the PVS-Studio static code analyzer. Let's see how it turned out.
                  Read more →
                • Smart Manufacturing and Industry 4.0: Three Main Technological Trends



                    In recent years we've witnessed massive technological improvements and innovations that re-shaped how industrial objects look like and work. This shift was called an Industry 4.0, i.e., a new phase in the Industrial Revolution that focuses heavily on connectivity, automation, machine learning, and real-time data, all for increasing the productivity, fueling effectiveness of business processes and lifting up the level of security.
                    Read more →
                  • How to set up PVS-Studio in Travis CI using the example of PSP game console emulator

                      PPSSPP

                      Travis CI is a distributed web service for building and testing software that uses GitHub as a source code hosting service. In addition to the above scripts, you can add your own, thanks to the extensive configuration options. In this article we will set up Travis CI for working with PVS-Studio by the example of PPSSPP code.
                      Read more →
                    • How to Make Emails and Not Mess Up: Practical Tips

                      • Tutorial


                      A developer, who first encountered generating emails, has almost no chance to write an application, that will do it correctly. Around 40% of emails, generated by corporate applications, are violating some form of standard, and due to this, there are problems with delivery and display. There are reasons for this: emails are technically more difficult than the web, and operating emails is regulated by a few hundred standards, as well as an uncountable number of generally accepted (and not as much) practices, whereas the email clients are more varied and unpredictable than browsers. Testing may significantly improve the situation, but materials that are dedicated to testing the email system, are practically non-existent.

                      Mail.ru regularly interacts with its users by email. In our projects, all the components responsible for generating emails and even individual mailings, are subject to mandatory testing. In this article, we will share our experience (learning from our mistakes).
                      Read more →
                    • Blockchain RSA-based random

                        There’s a problem we needed to address in the course of developing our games. It’s complicated to generate a random number in a distributed network. Almost all blockchains have already faced this issue. Indeed, in networks where there is no trust between anyone, the creation of a random number solves a wide range of problems.

                        In this article, we explain how we solved this problem for our games. The first of these was Waves Xmas Tree.



                        Read more →
                      • Qrator filtering network configuration delivery system



                          TL;DR: Client-server architecture of our internal configuration management tool, QControl.
                          At its basement, there’s a two-layered transport protocol working with gzip-compressed messages without decompression between endpoints. Distributed routers and endpoints receive the configuration updates, and the protocol itself makes it possible to install intermediary localized relays. It is based on a differential backup (“recent-stable,” explained further) design and employs JMESpath query language and Jinja templating for configuration rendering.

                          Qrator Labs operates on and maintains a globally distributed mitigation network. Our network is anycast, based on announcing our subnets via BGP. Being a BGP anycast network physically located in several regions across the Earth makes it possible for us to process and filter illegitimate traffic closer to the Internet backbone — Tier-1 operators.

                          On the other hand, being a geographically distributed network bears its difficulties. Communication between the network points-of-presence (PoP) is essential for a security provider to have a coherent configuration for all network nodes and update it in a timely and cohesive manner. So to provide the best possible service for customers, we had to find a way to synchronize the configuration data between different continents reliably.
                          In the beginning, there was the Word… which quickly became communication protocol in need of an upgrade.
                          Read more →
                        • Getting Started with the PVS-Studio Static Analyzer for C++ Development under Linux

                            PVS-Studio supports analyzing projects developed in C, C++, C#, and Java. You can use the analyzer under Windows, Linux, and macOS. This small article will tell you the basics of analyzing C and C++ code in Linux environment.

                            Installation


                            There are different ways to install PVS-Studio under Linux, depending on your distro type. The most convenient and preferred method is to use the repository, since it allows auto-updating the analyzer upon releasing new versions. Another option is to use the installation package, which you can get here.
                            Read more →
                          • 12.3 million of concurrent WebSockets

                            One thing about WebSockets is that you need a lot of resources on the client's side to generate high enough load for the server to actually eat up all the CPU resources.


                            There are several challenges you have to overcome because the WebSockets protocol is more CPU demanding on the client's side than on the server's side. At the same time you need a lot of RAM to store information about open connections if you have millions of them.


                            I've been lucky enough to get a couple of new servers for a limited period of time at my disposal for the hardware "burnout" tests. So I decided to use my Lua Application Server — LAppS to do both jobs: test the hardware and perform the LAppS high load tests.


                            Read more →
                          • GitHub Package Registry will support Swift packages

                              On May 10, we announced the limited beta of GitHub Package Registry, a package management service that makes it easy to publish public or private packages next to your source code. It currently supports familiar package management tools: JavaScript (npm), Java (Maven), Ruby (RubyGems), .NET (NuGet), and Docker images, with more to come.

                              Today we’re excited to announce that we’ll be adding support for Swift packages to GitHub Package Registry. Swift packages make it easy to share your libraries and source code across your projects and with the Swift community.

                              Read more →
                            • Most Popular Computer Problems We Are Facing Everyday

                                In today’s contemporary world the private computer has become a staple of daily life.
                                Even those few persons who don't use computers in their daily work life can possibly have access to a computer on that they perform alternative necessary tasks.

                                With all of the access to info that computers permit and with all of the work they will facilitate a personal perform, this trend of a computer in every home and in each workplace of business isn't shocking.

                                But what may be shocking, and downright aggravating, is when the computer you are working on suddenly shuts off, goes blank, or explodes in the dreaded blue screen of death.

                                These and other common computer problems are among the most frequently occurring issues that one might experience with their computers.

                                The following may be a list of 5 common Computer issues and what may be done to mend them.
                                Read more →
                              • Microservices architecture & implementation Step-by-Step Part 1

                                Hi All,

                                I’m in the process of implementing a new simple microservices-based project as an example of a step-by-step guide for those who had a hard time with a microservices architecture and are still looking for “another” good reference. Also, I would really appreciate thought through feedback and proposal to make this project a high-quality chunk of work.

                                There are tons of articles and source code examples. But, unfortunately, I could not find any reference with simple step-by-step instructions, without doing a deep dive into Docker, Event Store, a multitude of configurations, cloud deployment stuff, etc. I cloned several projects and tried to start playing with them, but you know, only God knows how to start them, which dependencies are missing and why all those scripts are failing with thousands of ERRORS.

                                For example, this eShop project from Microsoft contains all we need, but it is not so simple to figure out what is going on there, SQL database connection strings, Docker scripts fail, no How-Tos and I’m not sure it is super-simple architecture you need to start with.

                                image
                                Read more →